Author: carnil Date: 2017-08-20 19:04:57 +0000 (Sun, 20 Aug 2017) New Revision: 54917
Modified: data/CVE/list Log: Add git-annex issue Not associating the issue with CVE-2017-1000117 since it similar but different issue, and in different codebase. Requested a separate CVE id. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-20 16:56:22 UTC (rev 54916) +++ data/CVE/list 2017-08-20 19:04:57 UTC (rev 54917) @@ -1,3 +1,8 @@ +CVE-2017-XXXX [Command injection via malicious ssh URLs] + - git-annex 6.20170818-1 + NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commitdiff;h=c24d0f0 + NOTE: http://source.git-annex.branchable.com/?p=source.git;a=commitdiff;h=df11e54788b254efebb4898b474de11ae8d3b471 + NOTE: This is similar class of issue as for CVE-2017-1000117/git CVE-2017-12971 RESERVED CVE-2017-12970 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits